On Sunday, March 26, 2017 at 7:40:20 PM UTC+8, Ho Yeung Lee wrote:
> On Sunday, March 26, 2017 at 7:32:12 PM UTC+8, Ho Yeung Lee wrote:
> > On Sunday, March 26, 2017 at 10:33:51 AM UTC+8, Deborah Swanson wrote:
> > > Someone here can probably help you, but they'll need your Python
> > > version, operating system, and full traceback. They get tired of saying
> > > so.
> > >
> > > In this case, the full traceback is needed to see what went wrong and
> > > when (after which statements).
> > >
> > >
> > > Ho Yeung Lee wrote, on Saturday, March 25, 2017 1:38 AM
> > > >
> > > > expect below to run forever and keep running a fixed number
> > > > of thread in python
> > > >
> > > > would like to kill tasks when process connect internet except
> > > > chrome and explorer.exe
> > > >
> > > > i do this because MalwareBytes can not disconnect these
> > > > existing trojan when my notebook connect internet
> > > >
> > > > after run a few minutes, the program stopped, but i have
> > > > already kept create process, why the whole program end?
> > > >
> > > > why and how to debug when error in for proc in psutil.process_iter()?
> > > >
> > > >
> > > > import os
> > > > import psutil
> > > > import multiprocessing
> > > > import time
> > > > import sys
> > > >
> > > > def cleantask():
> > > > p = os.popen("netstat -ano")
> > > > while 1:
> > > > line = p.readline()
> > > > if "TCP" in line or "UDP" in line:
> > > > linelist = line.split()
> > > > if len(linelist) > 4:
> > > > if "LISTEN" in str(linelist[3]):
> > > > for proc in psutil.process_iter():
> > > > try:
> > > > if "pop" not in str(proc.name).tolower():
> > > > os.system("taskkill /f /pid
> > > > "+str(proc._pid))
> > > > except:
> > > > dummy = 1
> > > > #print "Unexpected error:",
> > > > sys.exc_info()[0]
> > > > #print "Unexpected error:",
> > > > sys.exc_info()[1]
> > > > if "ESTABLISHED" in str(linelist[3]):
> > > > if "127.0.0.1" not in str(linelist[2]):
> > > > for proc in psutil.process_iter():
> > > > try:
> > > > if str(linelist[4]) in
> > > > str(proc._pid):
> > > >
> > > > print(str(linelist[2])+","+str(linelist[4])+","+proc.name)
> > > > if "111.221" not in
> > > > str(linelist[2]) and "explorer.exe" not in str(proc.name).tolower():
> > > > os.system("taskkill /f
> > > > /pid "+str(proc._pid))
> > > > except:
> > > > dummy = 1
> > > > #print "Unexpected error:",
> > > > sys.exc_info()[0]
> > > > #print "Unexpected error:",
> > > > sys.exc_info()[1]
> > > > print(line)
> > > > if not line: break
> > > >
> > > > if __name__ == '__main__':
> > > > print("main")
> > > > try:
> > > > numberofrunning = 0
> > > > plist = []
> > > > for ii in range(0,5):
> > > > p = multiprocessing.Process(target=cleantask(), args=(0,))
> > > > p.start()
> > > > plist.append(p)
> > > > numberofrunning = numberofrunning + 1
> > > > time.sleep(1)
> > > > for pp in plist:
> > > > pp.join()
> > > > if pp.is_alive() == False:
> > > > numberofrunning = numberofrunning - 1
> > > > plist.remove(pp)
> > > > if numberofrunning > 10:
> > > > print "more than 10 process"
> > > > else:
> > > > print("number of process = " + str(numberofrunning))
> > > > if numberofrunning <= 5:
> > > > p =
> > > > multiprocessing.Process(target=cleantask(), args=(0,))
> > > > p.start()
> > > > plist.append(p)
> > > > numberofrunning = numberofrunning + 1
> > > > time.sleep(1)
> > > > except:
> > > > print "Unexpected error:", sys.exc_info()[0]
> > > > print "Unexpected error:", sys.exc_info()[1]
> > > > --
> > > > https://mail.python.org/mailman/listinfo/python-list
> > > >
> >
> > after window update error, I can not login window and reset system and
> > reinstall every thing
> >
> > python 2.7.12
> >
> > there is no error when run, but it end after running a few minutes
> > if commend the forever loop in main
> >
> > import os
> > import psutil
> > import multiprocessing
> > import time
> > import sys
> >
> > def cleantask():
> > bufsize = 0
> > f = open("d:\\killlist.txt",'a',bufsize)
> > p = os.popen("netstat -ano")
> > while 1:
> > line = p.readline()
> > if "TCP" in line or "UDP" in line:
> > linelist = line.split()
> > if len(linelist) > 4:
> > if "LISTEN" in str(linelist[3]):
> > for proc in psutil.process_iter():
> > try:
> > if "pop" in str(proc.name).lower():
> > os.system("taskkill /f /pid
> > "+str(proc._pid))
> > #print("here8")
> >
> > print(str(linelist[2])+","+str(linelist[4])+","+proc.name +" is killed ")
> > #print("here9")
> > path = proc.exe()
> >
> > print(str(linelist[2])+","+str(linelist[4])+","+proc.name +" at " +
> > str(path))
> > #print("here10")
> > except:
> > dummy = 1
> > #print "Unexpected error:", sys.exc_info()[0]
> > #print "Unexpected error:", sys.exc_info()[1]
> > if "ESTAB" in str(linelist[3]):
> > if "127.0.0.1" not in str(linelist[2]):
> > for proc in psutil.process_iter():
> > try:
> > if str(linelist[4]) in str(proc._pid):
> >
> > #print("here1a")
> >
> > print(str(linelist[2])+","+str(linelist[4])+","+str(proc.name))
> > #print("here2a")
> >
> > #print(str(linelist[2])+","+str(linelist[4])+","+proc.name)
> >
> > #print("here3a")
> > if "111.221" in str(linelist[2]):
> > dummy = 1
> > elif "explorer.exe" in
> > str(proc.name).lower():
> > dummy = 1
> > elif "svchost" in str(proc.name).lower():
> > dummy = 1
> > elif "cmd" in str(proc.name).lower():
> > dummy = 1
> > else:
> > os.system("taskkill /pid
> > "+str(proc._pid))
> > #print("here1")
> >
> > print(str(linelist[2])+","+str(linelist[4])+","+str(proc.name) +" is killed
> > ")
> > #print("here2")
> > path = proc.exe()
> >
> > print(str(linelist[2])+","+str(linelist[4])+","+str(proc.name) +" at " +
> > str(path))
> > #print("here3")
> >
> > f.write(str(linelist[2])+","+str(linelist[4])+","+str(proc.name) +" at " +
> > str(path) +"\n")
> > except:
> > dummy = 1
> > print "Unexpected error:", sys.exc_info()[0]
> > print "Unexpected error:", sys.exc_info()[1]
> > #print("here6")
> >
> > f.write(str(linelist[2])+","+str(linelist[4])+","+str(proc.name) +" can not
> > kill at " + str(path) +"\n")
> > #print("here7")
> > f.flush()
> > print(line)
> > if not line: break
> > f.close()
> >
> >
> > if __name__ == '__main__':
> > print("main")
> > #while 1:
> > try:
> > numberofrunning = 0
> > plist = []
> > for ii in range(0,100):
> > p = multiprocessing.Process(target=cleantask(), args=(0,))
> > p.start()
> > plist.append(p)
> > numberofrunning = numberofrunning + 1
> > time.sleep(1)
> > for pp in plist:
> > pp.join()
> > if pp.is_alive() == False:
> > numberofrunning = numberofrunning - 1
> > plist.remove(pp)
> > if numberofrunning > 100:
> > print "more than 100 process"
> > else:
> > print("number of process = " + str(numberofrunning))
> > if numberofrunning <= 90:
> > p = multiprocessing.Process(target=cleantask(),
> > args=(0,))
> > p.start()
> > plist.append(p)
> > numberofrunning = numberofrunning + 1
> > time.sleep(1)
> > except:
> > print "Unexpected error:", sys.exc_info()[0]
> > print "Unexpected error:", sys.exc_info()[1]
>
>
> another problem is'psutil.AccessDenied'
>
> 原因: 此為重要的系統處理程序。Taskkill 無法結束此處理程序。
> 204.79.197.200:443,1384,<bound method Process.name of <psutil.Process(pid=0,
> name='System Idle Process') at 62855096>> is killed
> Unexpected error: <class 'psutil.AccessDenied'>
> Unexpected error: psutil.AccessDenied (pid=0, name='System Idle Process')
> Unexpected error: <type 'exceptions.UnboundLocalError'>
> os.system("taskkill /f /pid
> "+str(proc._pid))
> #print("here1")
is there any suspected malware process needed to kill but accessed denied to
kill even with admin console in window 10
<bound method Process.name of <psutil.Process(pid=0, name='System Idle
Process') at 52164704>>
<bound method Process.name of <psutil.Process(pid=4, name='System') at
52164872>>
<bound method Process.name of <psutil.Process(pid=80, name='dwm.exe') at
52164928>>
<bound method Process.name of <psutil.Process(pid=160, name='TabTip.exe') at
52165208>>
<bound method Process.name of <psutil.Process(pid=328, name='smss.exe') at
52165600>>
<bound method Process.name of <psutil.Process(pid=352, name='svchost.exe') at
52165376>>
<bound method Process.name of <psutil.Process(pid=376, name='python.exe') at
52165992>>
<bound method Process.name of <psutil.Process(pid=560, name='csrss.exe') at
52166048>>
<bound method Process.name of <psutil.Process(pid=632, name='csrss.exe') at
52166104>>
<bound method Process.name of <psutil.Process(pid=656, name='wininit.exe') at
52166160>>
<bound method Process.name of <psutil.Process(pid=664, name='MpCmdRun.exe') at
52166216>>
<bound method Process.name of <psutil.Process(pid=712, name='winlogon.exe') at
52166272>>
<bound method Process.name of <psutil.Process(pid=768, name='services.exe') at
52166328>>
<bound method Process.name of <psutil.Process(pid=784, name='lsass.exe') at
52166384>>
<bound method Process.name of <psutil.Process(pid=872, name='svchost.exe') at
52166440>>
<bound method Process.name of <psutil.Process(pid=940, name='svchost.exe') at
52166496>>
<bound method Process.name of <psutil.Process(pid=948, name='svchost.exe') at
52166552>>
<bound method Process.name of <psutil.Process(pid=964, name='ETDService.exe')
at 52166608>>
<bound method Process.name of <psutil.Process(pid=1048, name='svchost.exe') at
52215880>>
<bound method Process.name of <psutil.Process(pid=1080, name='svchost.exe') at
52215936>>
<bound method Process.name of <psutil.Process(pid=1180, name='ETDTouch.exe') at
52215992>>
<bound method Process.name of <psutil.Process(pid=1184, name='taskhostw.exe')
at 52216104>>
<bound method Process.name of <psutil.Process(pid=1272, name='spoolsv.exe') at
52216216>>
<bound method Process.name of <psutil.Process(pid=1300,
name='PresentationFontCache.exe') at 52216272>>
<bound method Process.name of <psutil.Process(pid=1312, name='svchost.exe') at
52216328>>
<bound method Process.name of <psutil.Process(pid=1344, name='cmd.exe') at
52216384>>
<bound method Process.name of <psutil.Process(pid=1436, name='svchost.exe') at
52216496>>
<bound method Process.name of <psutil.Process(pid=1448, name='svchost.exe') at
52216552>>
<bound method Process.name of <psutil.Process(pid=1500, name='svchost.exe') at
52216664>>
<bound method Process.name of <psutil.Process(pid=1632, name='igfxHK.exe') at
52216720>>
<bound method Process.name of <psutil.Process(pid=1740,
name='igfxCUIService.exe') at 52216832>>
<bound method Process.name of <psutil.Process(pid=1748, name='conhost.exe') at
52216944>>
<bound method Process.name of <psutil.Process(pid=1920, name='svchost.exe') at
52217056>>
<bound method Process.name of <psutil.Process(pid=1976,
name='IntelCpHeciSvc.exe') at 52217112>>
<bound method Process.name of <psutil.Process(pid=1980, name='svchost.exe') at
52217224>>
<bound method Process.name of <psutil.Process(pid=2064, name='svchost.exe') at
52217280>>
<bound method Process.name of <psutil.Process(pid=2088, name='MsMpEng.exe') at
52217336>>
<bound method Process.name of <psutil.Process(pid=2220, name='Memory
Compression') at 52217392>>
<bound method Process.name of <psutil.Process(pid=2336,
name='backgroundTaskHost.exe') at 52217504>>
<bound method Process.name of <psutil.Process(pid=2460, name='dllhost.exe') at
52217616>>
<bound method Process.name of <psutil.Process(pid=2620, name='svchost.exe') at
52217728>>
<bound method Process.name of <psutil.Process(pid=2768, name='SearchUI.exe') at
52217784>>
<bound method Process.name of <psutil.Process(pid=2800,
name='SearchProtocolHost.exe') at 52217896>>
<bound method Process.name of <psutil.Process(pid=2884, name='NisSrv.exe') at
52218008>>
<bound method Process.name of <psutil.Process(pid=2924,
name='RuntimeBroker.exe') at 52218064>>
<bound method Process.name of <psutil.Process(pid=2976, name='TabTip32.exe') at
52218176>>
<bound method Process.name of <psutil.Process(pid=3036, name='svchost.exe') at
52218288>>
<bound method Process.name of <psutil.Process(pid=3080, name='explorer.exe') at
52218344>>
<bound method Process.name of <psutil.Process(pid=3280, name='sihost.exe') at
52218456>>
<bound method Process.name of <psutil.Process(pid=3336, name='igfxTray.exe') at
52218568>>
<bound method Process.name of <psutil.Process(pid=3380,
name='ShellExperienceHost.exe') at 52218680>>
<bound method Process.name of <psutil.Process(pid=3492, name='notepad.exe') at
52218848>>
<bound method Process.name of <psutil.Process(pid=3580, name='svchost.exe') at
52218960>>
<bound method Process.name of <psutil.Process(pid=3712,
name='SearchIndexer.exe') at 52219072>>
<bound method Process.name of <psutil.Process(pid=3744, name='igfxEM.exe') at
52219184>>
<bound method Process.name of <psutil.Process(pid=3760,
name='ETDCtrlHelper.exe') at 52219296>>
<bound method Process.name of <psutil.Process(pid=3772, name='ETDCtrl.exe') at
52219464>>
<bound method Process.name of <psutil.Process(pid=3872, name='ChtIME.exe') at
52219576>>
<bound method Process.name of <psutil.Process(pid=3880, name='WmiPrvSE.exe') at
52219632>>
<bound method Process.name of <psutil.Process(pid=3924,
name='SearchFilterHost.exe') at 52219688>>
<bound method Process.name of <psutil.Process(pid=3952, name='OneDrive.exe') at
52219800>>
<bound method Process.name of <psutil.Process(pid=4220, name='mmc.exe') at
52240512>>
<bound method Process.name of <psutil.Process(pid=4236, name='conhost.exe') at
52240624>>
<bound method Process.name of <psutil.Process(pid=4292,
name='ApplicationFrameHost.exe') at 52240680>>
<bound method Process.name of <psutil.Process(pid=4328, name='RAVCpl64.exe') at
52240792>>
<bound method Process.name of <psutil.Process(pid=4416, name='MSASCuiL.exe') at
52240904>>
<bound method Process.name of <psutil.Process(pid=4484, name='SrTasks.exe') at
52241016>>
<bound method Process.name of <psutil.Process(pid=4496,
name='TrustedInstaller.exe') at 52241072>>
<bound method Process.name of <psutil.Process(pid=5104,
name='SystemSettings.exe') at 52241184>>
<bound method Process.name of <psutil.Process(pid=5212, name='audiodg.exe') at
52241352>>
<bound method Process.name of <psutil.Process(pid=5216, name='smartscreen.exe')
at 52241408>>
<bound method Process.name of <psutil.Process(pid=5236, name='svchost.exe') at
52241464>>
<bound method Process.name of <psutil.Process(pid=5276,
name='MicrosoftEdgeCP.exe') at 52241520>>
<bound method Process.name of <psutil.Process(pid=5624,
name='MicrosoftEdgeCP.exe') at 52241688>>
<bound method Process.name of <psutil.Process(pid=5952,
name='InstallAgent.exe') at 52241800>>
<bound method Process.name of <psutil.Process(pid=6324, name='mmc.exe') at
52241912>>
<bound method Process.name of <psutil.Process(pid=6396,
name='backgroundTaskHost.exe') at 52241968>>
<bound method Process.name of <psutil.Process(pid=6632,
name='MicrosoftEdge.exe') at 52242080>>
<bound method Process.name of <psutil.Process(pid=6708,
name='browser_broker.exe') at 52242304>>
<bound method Process.name of <psutil.Process(pid=6936, name='TiWorker.exe') at
52242416>>
<bound method Process.name of <psutil.Process(pid=7260, name='Taskmgr.exe') at
52242472>>
<bound method Process.name of <psutil.Process(pid=7612, name='dllhost.exe') at
52242584>>
--
https://mail.python.org/mailman/listinfo/python-list
